- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=odcs:odcs-stg"

- name: make the box be real
  hosts: odcs:odcs-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - rsyncd
  - sudo
  - collectd/base

  tasks:
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: openvpn on the prod frontend nodes
  hosts: odcs-frontend
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - openvpn/client

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Set up a gluster share on the backend for the frontend
  hosts: odcs:odcs-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - role: gluster/consolidated
    gluster_brick_dir: /srv/glusterfs/
    gluster_mount_dir: /srv/odcs
    gluster_brick_name: odcs
    gluster_server_group: odcs-backend-stg
    tags: gluster
    when: env == 'staging'
  - role: gluster/consolidated
    gluster_brick_dir: /srv/glusterfs/
    gluster_mount_dir: /srv/odcs
    gluster_brick_name: odcs
    gluster_server_group: odcs-backend
    tags: gluster
    when: env != 'staging'

- name: Set up odcs frontend service
  hosts: odcs-frontend:odcs-frontend-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "{{ vars_path }}/{{ ansible_distribution }}.yml"

  roles:
  - mod_wsgi
  - fedmsg/base
  - odcs/frontend

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: Set up odcs backend service
  hosts: odcs-backend:odcs-backend-stg
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - odcs/backend
  - fedmsg/base

  - role: nfs/client
    mnt_dir: '/mnt/fedora_koji'
    nfs_src_dir: 'fedora_koji'
    when: env != 'staging'

  # In staging, we mount fedora_koji as read only (see nfs_mount_opts)
  - role: nfs/client
    mnt_dir: '/mnt/fedora_koji_prod'
    nfs_src_dir: 'fedora_koji'
    when: env == 'staging'

  - role: keytab/service
    service: odcs
    owner_user: odcs
    owner_group: odcs
    host: "odcs{{env_suffix}}.fedoraproject.org"

  post_tasks:
  - file: src=/mnt/fedora_koji/koji dest=/mnt/koji state=link
    tags: nfs/client

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
